Field of the Invention
The invention relates to a method for protecting a subscriber identity module configured in a mobile station where the method also enables a mobile subscriber to be identified in a radio communication network, and to a corresponding radio communication network.
As is known, there are a number of types of security functions performed in a radio communication network, for example networks in the GSM Standard. EP-0 822 727 A2 describes a method and a system, in which mobile subscribers identify themselves in the network using a subscriber identity module, also called a SIM card (Subscriber Identity Module) or a smart card. The subscriber identity module is normally located in the mobile station that is used by the subscriber.
Furthermore, it is generally known for the mobile station to initiate updating of the management of the subscriber (location update) when the mobile subscriber moves from one supply area to another supply area. Subscriber data that is stored in a previously responsible subscriber database, for example in a visitor register (visitor location register) that is associated with the previous supply area, is cancelled at the network end. The request to cancel the subscriber data (cancel location) which is sent to the previous subscriber database is initiated in the network by a further subscriber database, for example the home register (home location register).
In the situation where the subscriber identity module is “cracked”, it is possible for third parties to make an unauthorized “clone” (SIM-card cloning), which leads to the unauthorized subscriber being able to use voice and data links with the forged card, at the expense of the card holder. However, the card holder does not become aware of the misuse of his subscriber identity module, if at all, until he is billed, and furthermore neither he nor the network operator can easily determine who has caused the misuse. The radio communication network of a conventional type does not check whether more than one mobile subscriber with the same identity is active in the network.
It is accordingly an object of the invention to provide a method and a radio communication network which enables better protection of the subscriber identity module from misuse, and which overcomes the hereinafore-mentioned disadvantages of the heretofore-known methods and devices of this general type.
With the foregoing and other objects in view there is provided, in accordance with the invention, a method for protecting a subscriber identity module in a mobile station. A network portion or network end is provided for establishing a radio communication network with mobile stations. A subscriber identity module is used to identify a mobile subscriber associated with a particular one of the mobile stations. When the particular one of the mobile stations is moved from an initial supply area to a new supply area, the particular one of the mobile stations is used to initiate updating of the management of the mobile station. Subsequently, subscriber data, associated with the particular one of the mobile stations, which is stored in a previously responsible subscriber database at the network portion is canceled. A radio paging message is transmitted from the network portion to mobile stations in the initial supply area. If at least one of the mobile stations in the initial supply area responds to the radio paging message and transmits a mobile subscriber identity, the network portion is used to evaluate the mobile subscriber identity that has been received from the at least one of the mobile stations.
The network portion uses the additional radio paging message to the old supply area in which the mobile subscriber is, in fact, no longer located to check whether another mobile station is still active and responds to the paging with the same subscriber identity as that of the authorized subscriber. If this situation occurs, the evaluation of the received subscriber identity automatically provides information about at least one further mobile station which is active without authorization and which is using the same subscriber identity module, so that further steps can be initiated against misuse of the subscriber identity module in this mobile station, and thus against the person causing the misuse, by the subscriber or by the network operator. This results in reliable protection against unauthorized access (cloning) to the subscriber identity module which is reserved solely for the card user. A further advantage of the invention is that by detecting the “cloned” SIM card, the network operator can avoid discussions, without evidence, relating to bills that are incorrect because they are too high.
In accordance with an added feature of the invention, there is provided a step of using the mobile station to transmit location information about the mobile subscriber together with the subscriber identity when responding to the radio paging message. This information is evaluated at the network end. In addition to the information about the SIM card that is being used without authorization, this also provides information about the location, thus allowing rapid access to the user of the other mobile station who is misusing a card.
In accordance with an additional feature of the invention, evaluation of the received information is carried out by an operation and maintenance center in the radio communication network. The result of the evaluation is transmitted to the network operator of the radio communication network in order to protect the subscriber identity module against misuse. This allows the information about any possible misuse to be passed on directly to a higher-level facility, to which the network operator has direct access, and allows appropriate measures to be taken by the network operator to filter or stop the unauthorized subscriber.
In accordance with another feature of the invention, a list of subscriber identities of those mobile stations which transmit a response to the radio paging message received in the old supply area is produced for the network operator.
In accordance with a further feature of the invention, a counter is set up at the network end for the mobile subscriber to store or determine the number of changes in supply area. The additional transmission of the radio paging message to the old supply area is controlled as a function of a predetermined count being reached. This avoids any dynamic load on the radio interface which could possibly occur in the old area due to the additional paging for security purposes. The additional “paging” of the old area is initiated only when the count, corresponding to a threshold value, is reached, rather than on each occasion when the management of the mobile subscriber is updated due to a movement from one supply area to another.
In accordance with yet an added feature of the invention, the counter is preferably set up in a subscriber database in the radio communication network. The database initiates canceling of the data stored in the previously responsible subscriber database and, when the count is reached, transmits a control character, by means of which the previously responsible subscriber database is requested to transmit the additional radio paging message.
In accordance with yet an additional feature of the invention, the additional transmission of the radio paging message at the network end to the old supply area can be controlled as a function of the traffic load in this supply area. A switch-on/switch-off functionality is provided for the additional paging to the old supply area, which causes the paging option to be switched off if the traffic load is high and the paging option to be switched on, for example by the network operator, when the traffic load is low.
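The counter-controlled paging of the old supply area described above, modeled as an added example that is not part of the patent text. The class and function names, the count of 3, paging on every third change of supply area, and the area names, cell names and subscriber identity are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Station:
    imsi: str      # subscriber identity presented by the SIM
    area: str      # supply area the station is currently active in
    location: str  # location information sent with a paging response

@dataclass
class Network:
    stations: list
    threshold: int = 3                             # assumed predetermined count
    paging_on: dict = field(default_factory=dict)  # per-area switch, default on
    hlr_count: dict = field(default_factory=dict)  # supply-area changes per identity
    vlr: dict = field(default_factory=dict)        # area -> registered identities
    omc_list: list = field(default_factory=list)   # findings for the operator

    def location_update(self, station, new_area):
        old_area, station.area = station.area, new_area
        self.vlr.setdefault(new_area, set()).add(station.imsi)
        # Home register counts the change and cancels the old visitor-register entry.
        count = self.hlr_count.get(station.imsi, 0) + 1
        self.hlr_count[station.imsi] = count
        self.vlr.get(old_area, set()).discard(station.imsi)
        # Request the extra paging only when the count is reached (every
        # threshold-th change here, an assumption) and the area switch is on.
        if count % self.threshold == 0 and self.paging_on.get(old_area, True):
            self.page_old_area(station.imsi, old_area)

    def page_old_area(self, imsi, old_area):
        # The authorized station has left, so any responder with this identity
        # in the old area is listed for the operation and maintenance center.
        for s in self.stations:
            if s.area == old_area and s.imsi == imsi:
                self.omc_list.append((s.imsi, old_area, s.location))

def run_scenario(paging_on_la1=True):
    imsi = "001010000000001"                   # constructed test identity
    owner = Station(imsi, "LA-1", "cell-11")
    clone = Station(imsi, "LA-1", "cell-17")   # second station, stays in LA-1
    net = Network([owner, clone], paging_on={"LA-1": paging_on_la1})
    for area in ("LA-2", "LA-1", "LA-2"):      # third change reaches the count
        net.location_update(owner, area)
    return net.omc_list
```

With the switch for LA-1 turned off, as under high traffic load, the same movements produce an empty list, which shows the detection gap that the load-dependent control accepts.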
With the foregoing and other objects in view there is provided, in accordance with the invention, a radio communication network for protecting a subscriber identity module configured in a mobile station. The radio communication network includes a mobile station having a subscriber identity module for identifying a mobile subscriber. The mobile station initiates updating of the management of the mobile station when the mobile station is moved from an initial supply area to a new supply area. A network portion is provided that has an initially responsible subscriber database for storing subscriber data. The network portion cancels the subscriber data from the initially responsible subscriber database after the mobile station has initiated updating of the management of the mobile station. The network portion includes a device for transmitting a radio paging message to mobile stations located in the initial supply area. The network portion also includes a device for evaluating a mobile subscriber identity of a responding mobile station that responds to the radio paging message.
In accordance with concomitant features of the invention, the responding mobile station includes a device for transmitting location information about the mobile subscriber and for transmitting the mobile subscriber identity of the responding mobile station when responding to the radio paging message. The network portion includes a device for evaluating the location information. The network portion includes an operation and maintenance center for evaluating both the location information and the subscriber identity transmitted from the responding mobile station. The operation and maintenance center is also for transmitting a result of the evaluation to a network operator to protect the subscriber identity module of the mobile station from misuse.
Other features which are considered as characteristic for the invention are set forth in the appended claims.
Although the invention is illustrated and described herein as embodied in a method and a radio communication network for protecting a subscriber identity module configured in a mobile station, it is nevertheless not intended to be limited to the details shown, since various modifications and structural changes may be made therein without departing from the spirit of the invention and within the scope and range of equivalents of the claims.